Post navigation

We all have a friend that’s made it to the upper echelons of success, they’re a C-level exec. They’re the ones with the tailored suit, VIP passes, and corporate cards that can help out friends in need.

But sometimes you do wonder how they ended up in the position they’re in – as did Kav, who told us all about Randy and their C-level friend Jhom. (names have been changed to protect the guilty innocent.)

I have people to do that for me

Jhom likes to talk about technology, like how a shark talks about dental hygiene. Sure, it’s probably a concept the shark understands, but there’s no way it could hold a toothbrush in its fins.

Whenever called out about his lack of hands-on technical skills on any system after 1991 Jhom responds with, “I don’t need to know how to do that, I have people to do that for me.”

Social media what?

Jhom doesn’t know how to use social media. The only people that don’t use social media are people in prison without access to the internet, or members of weird religious cults.

For many years Randy and I told Jhom he should create a Facebook account to at least secure his identity. When he failed to do so, some unknown people setup a Facebook account under his name.

These people would post on Jhom’s behalf, made a whole bunch of new friends, as well as connecting with some old school friends.

Luckily, before things got out of hand, Randy and I were able to track down the culprits and gain access to the account before handing control over back to Jhom. I shudder to think what would have happened had we not been there to watch his back.

Instead of being thankful Jhom accused us of being behind the account all along.

If that’s how he treats his friends, I’m glad we don’t work for him.

Fanboi

Jhom refuses to own any electronic device that isn’t made by Apple. He believes linking all his devices through iCloud is the height of convenience.

One time, in a WhatsApp group chat, Jhom disclosed he wasn’t aware of what a “meme” was. For the sake of education, Randy and I started sending photos of “infosec memes” to Jhom – not realising that autocorrect had changed “infosec” to something else.

These somewhat unsavoury photos ended up in Jhom’s iPhone, and synched to his photo library, from there they were synched to his iCloud account. The photos in his iCloud account was used by his AppleTV box as a screensaver on his television at home.

Fortunately Jhom was working at home and valiantly jumped over the coffee table to rip out the cables to the TV before his wife and kids came into the room.

His shin hurt for a few days, but he learnt a very important security lesson that day.

Presentations

Despite only having 3 stories, Jhom is a rather competent speaker who knows how to work a crowd.

What he isn’t good at doing, is remembering to turn his phone off, or disabled notifications on his Apple Watch before going up to present.

Whenever Randy and I know Jhom is on stage, we start a barrage of calls and texts to remind him to turn his devices off.

We’re just nice people like that.

Hold my phone

Because we continually remind him to disable his phone during presentations, one time Jhom left his phone with Randy and I before going up to do a presentation.

While Jhom has a passcode on his phone, the camera was unlocked. So, we decided to take a bunch of selfies and weird photos for the full 60 minutes that Jhom was on stage.

We’re sure Jhom’s family was delighted to see our smiling faces on their AppleTV screensaver.

Podcast editor

We started the Host Unknown podcast three years ago. After a hugely successful pilot podcast, we recorded the second episode which Jhom said he would edit by the end of the week.

We’re still waiting for the final product. I sure hope he doesn’t deliver security initiatives with the same enthusiasm!

Hold my phone again

One time at RSA in San Francisco, Jhom and I were at an evening event. He left his phone on the table at some point and I thought I’d check to see if he’d secured his camera. Which to his credit he had.

So, I thought I’d check to see if Siri was disabled, unfortunately it was not. To test it out, I said, “Siri, send a text to my wife saying, I’m ever so sorry, please forgive me, I love you.” By accident Siri actually sent the message to Jhom… waking up his wife in London at 3am.

Clearly that was Siri’s fault, and nothing to do with me – and Jhom’s learnt about different threat vectors.

Brutal Feedback

Jhom doesn’t mince his words. That’s not to say he’s a rude person – but if he feels like you did a bad job, he’ll tell you to your face. He won’t anonymously leave negative comments, and he certainly won’t shy away from a difficult conversation.

But perhaps more important than that is that Jhom is also very welcoming of brutal feedback. He understands how to separate the person from the problem, not afraid to admit when he’s wrong – and take steps needed to fix any issues.

And that, maybe, is why he’s far better-suited to being a C-level exec than I am.

Host Unknown sole founder Javvad Malik was accompanied by fellow sole founder Thom Langford in Las Vegas for what many affectionately refer to as ‘hacker summer camp’ which consists of three major events, Bsides LV, Blackhat, and DefCon.

We were proud to be a super donor for BSidesLV – and are glad that our credit card company hasn’t sent bailiffs around to confiscate office equipment yet.

But in order to really make it in Vegas, you have to really stand out and do something spectacular. And while other vendors are usually in the business of throwing lavish parties in loud environments filled with liquor. Host Unknown knows that the best party is one where you can have a conversation, and invite only people who work for vendors, or have a corporate card and then thank them publicly for being a generous sponsor.

We must admit, it was probably the best party in town,

“The Host Unknown party was the best party in town” – Javvad Malik

This comment was reiterated by another random person we asked.

“I concur with this gentleman, this was by far the best party in town” – Thom Langford

After all that partying, you’d imagine Host Unknown would be running on empty. But no, these sole founders are deceptively resilient. Jayson Street made a point to find them at DefCon and requested an awkward hug.

Stay tuned for more awesome Unknown Parties coming to a security event to you soon. Time and venues are kept secret till last minute to keep numbers down, so prepare for disappointment if you can’t make it, and even more disappointment if you do make it.

Host Unknown, the undisputed leader in information-security based videos made by three random men out of London isn’t one to crave the spotlight.

It is why the group that podcasts, sings, acts, and dances, have been maintaining a low profile over the last year.

But that isn’t to say the group has cut down on it’s behind the scenes philanthropic mission.

A few weeks ago, Host Unknown was proud to sponsor BsidesLondon, providing the attendees with a wonderful selection of lanyards.

One attendee said,

“This is the best lanyard I’ve ever received at a conference. I’m never taking this off, even when I sleep at night. It’s a symbol of quality right there. If I could ever meet Host Unknown, I’d shake their hand.” – Lom Thangford

Not just content with sponsoring one Bsides, the group also made a sizeable lanyard donation to BSidesAthens.

The sponsorship clearly had an impact as one attendee said, “As soon as I heard Host Unknown had sponsored Bsides Athens, I booked a ticket and flight over. When Host Unknown puts its name to something, you know it’s the seal of approval.” – Mavvad Jalik.

Not wanting to stop at lanyards, Host Unknown is also proudly supporting SteelCon in Sheffield, agreeing to host the wildly popular quiz night.

One attendee said, “We don’t get many nice things up here in Sheffield, not since my dad got laid off from the mill. But when I heard that Host Unknown were coming up and organising the quiz, it was as if all my Christmases had come at once. I’ll be right at the front hoping to catch the eye of the three men who’ve inspired me to remain strong and follow my dreams.” Agny Andreas

Host Unknown, the undisputed leader in information-security based videos made by three random men based out of London is unwavering in supporting the community.

The trio who podcast, act, sing, and dance have delighted and educated the information security scene for the past several years.

Sole Founder Javvad Malik was on the original committee that founded BSides London explained the rationale behind sponsoring the event that takes place on the 8th of June 2016 at the ILEC Conference Centre in London.

“I’m so proud of what BSides has achieved over the last few years. From the humble beginnings in 2011, I’ve seen it grow almost as fast as Andy’s waistline. But simply delivering awesome talks and being a beacon of coolness doesn’t pay the way for conferences and we felt it was time to give back in a more direct way.”

Sole Founder Andrew Agnês elaborated further, “We looked at everything that is important to make a conference happen. Venue, speakers, crew, tickets, catering, after-parties – the works. I made the executive decision to support the conference in the most meaningful way possible – and that was to supply lanyards and badge ribbons. The real measure of how successful a conference is.”

Sole Founded Thom Langford added, “When you have piles of money and Panama is no longer a viable investment option, you can get bored very quickly. Even after my great grandfather contracted Delirium Tremens, he continued to support his community. I’d like to think he’s proud of me continuing his legacy today.”

*About Host Unknown*

Host Unknown is an information security educational / entertainment group from London, England. It was the pioneer and most significant popularisers of Infosec-Rap and is widely considered one of the seminal groups (based in London) in the history of information security. The group has endured controversy owing to their lyrics which many security managers viewed as being disrespectful of their trade, as well as its glorification of certifications and risk management. The group was subsequently banned from many IRC and sub-Reddit channels. In spite of this, the group has amassed 50,000 YouTube views.